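<?php

/*
 * Upload handler.
 *
 * Looks up the receiver in fa_user by the posted user_name, moves the
 * uploaded file into the storage directory under a server-generated name and
 * inserts a row into hospital_data that links the file to sender and receiver.
 *
 * Every input is client-controlled: $_POST['user_name'], $_POST['title'],
 * $_COOKIE['hid'] and $_FILES['uploadedfile'] (including its 'name').
 *
 * The outcome is reported through a redirect:
 *   welcome?e=u  receiver not found
 *   welcome?e=e  upload rejected, storage failure or database failure
 *   welcome?e=s  success
 *
 * Nothing is echoed before the redirects: header() has to run before any
 * output, and the client-supplied file name must not be reflected unescaped.
 *
 * NOTE(review): the sender id comes from the 'hid' cookie, which the client can
 * set to any value. It should be taken from server-side session state instead;
 * no session handling is visible in this file, so that is left to confirm.
 */

include 'config.php';

$target_path1 = '/var/www/html/salushospital/storage/';
//$target_path1 = '/home/salusban/www/salusbank.ch/salushospital/storage/';

/*
 * Extensions that may be stored. The storage directory appears to sit under
 * the web root, so a file the server would execute (.php, .phtml, ...) must
 * never be kept there; serving the directory with script execution disabled,
 * or moving it outside the web root, is the stronger mitigation.
 * NOTE(review): this list is an assumption - adjust it to the document types
 * the application really exchanges.
 */
$allowed_extensions = array('pdf', 'jpg', 'jpeg', 'png', 'gif', 'doc', 'docx', 'txt');

/* Accept only plain strings; array-valued parameters are treated as missing. */
$hid = (isset($_COOKIE['hid']) && is_string($_COOKIE['hid'])) ? $_COOKIE['hid'] : '';
$user_name = (isset($_POST['user_name']) && is_string($_POST['user_name'])) ? $_POST['user_name'] : '';
$title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';

/*
 * finding receiver id.
 * The value is escaped before it is placed in the statement; the mysql_*
 * connection itself is assumed to be opened by config.php.
 */
$q = mysql_query("select id from fa_user where user_name = '" . mysql_real_escape_string($user_name) . "' ");
if ($q === false) {
    /* Keep database error text in the server log, not in the response. */
    error_log('upload: receiver lookup failed: ' . mysql_error());
    header('Location:welcome?e=e');
    exit;
}

$uid = mysql_fetch_array($q);
if ($uid === false) {
    /* No matching row: mysql_query() succeeds even when nothing matches. */
    header('Location:welcome?e=u');
    exit;
}
$receiver_id = $uid['id'];

/*
 * Validate the upload before touching the storage directory. The strict
 * comparison with UPLOAD_ERR_OK also rejects multi-file (array) submissions.
 */
$upload = isset($_FILES['uploadedfile']) ? $_FILES['uploadedfile'] : null;
$extension = '';
if (is_array($upload) && isset($upload['error']) && $upload['error'] === UPLOAD_ERR_OK) {
    $extension = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
}

if ($extension === '' || !in_array($extension, $allowed_extensions, true)) {
    header('Location:welcome?e=e');
    exit;
}

/*
 * The stored name is built on the server; only the allow-listed extension is
 * taken from the client name. The cookie value is reduced to a safe character
 * set so it cannot add path separators or ".." to the destination.
 */
$hid_for_name = preg_replace('/[^A-Za-z0-9_-]/', '', $hid);
$fn = time() . '_' . $hid_for_name . '.' . $extension;
$stored_path = $target_path1 . $fn;

/* Move straight to the final name so the client-chosen name never exists on disk. */
if (!move_uploaded_file($upload['tmp_name'], $stored_path)) {
    header('Location:welcome?e=e');
    exit;
}

$inserted = mysql_query(
    "insert into hospital_data (`sr`,`title`,`document`,`sender_id`,`receiver_id`,`flag`) values(NULL,'"
    . mysql_real_escape_string($title) . "','"
    . mysql_real_escape_string($fn) . "','"
    . mysql_real_escape_string($hid) . "','"
    . mysql_real_escape_string($receiver_id) . "',0)"
);

if ($inserted === false) {
    error_log('upload: insert into hospital_data failed: ' . mysql_error());
    /* Do not leave a stored file that no database row refers to. */
    unlink($stored_path);
    header('Location:welcome?e=e');
    exit;
}

header('Location:welcome?e=s');
exit;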
